-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
63 lines (50 loc) · 1.7 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# Builder layer
FROM alpine:3.20 AS builder
# Create upp user and setup Rust
ENV RUST_VERSION=1.82.0 \
PATH=$PATH:/root/.cargo/bin \
USER=rates \
UID=10001 \
CARGO_NET_GIT_FETCH_WITH_CLI=true \
CARGO_BUILD_JOBS=4
RUN apk --no-cache add musl-dev openssl-dev openssl-libs-static openssl rustup clang lld curl && \
rustup-init --profile minimal --default-toolchain $RUST_VERSION -y && \
rustup update && \
adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" \
"${USER}"
WORKDIR /rates
# Copy source code and build
COPY ./ .
RUN cargo build --release && \
strip target/release/exchange-rate-service
####################################################################################################
## Final image
####################################################################################################
FROM debian:bookworm-20240722-slim
RUN apt-get update -y && \
apt-get dist-upgrade -y && \
apt-get install -y --no-install-recommends \
libssl-dev openssl clang ca-certificates && \
update-ca-certificates && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Import from builder.
COPY --from=builder /etc/passwd /etc/passwd
COPY --from=builder /etc/group /etc/group
WORKDIR /rates
# Copy our build
COPY --from=builder /rates/target/release/exchange-rate-service ./
COPY --from=builder /rates/static ./static/
# enable logging with env_logger and display capturing stacktrace via backtrace
ENV RUST_LOG=info \
RUST_BACKTRACE=1
# Use an unprivileged user.
USER rates:rates
EXPOSE 9012
CMD ["/rates/exchange-rate-service"]